Educause Security Discussion mailing list archives

Re: SSL/SSH certifiactes

From: Daniel Bennett <dbennett () PCT EDU>
Date: Thu, 13 May 2010 12:06:48 -0400

You could obtain a wildcard certificate (*.domain.edu) and use fully qualified domain names (ap11.domain.edu) for all 
your devices.
Daniel Bennett
IT Security Analyst
Pennsylvania College of Technology
P:570.329.4989
E:dbennett () pct edu



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Entwistle, Bruce
Sent: Thursday, May 13, 2010 12:02 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] SSL/SSH certifiactes

We are currently reviewing our network security.  One of the tools we are using in this process is reporting a 
vulnerability as a result of using self signed certificates on our Cisco IOS devices (switches, routers, access points) 
for ssh and ssl connections.  Rather than purchase 300 certificates to address this issue I thought I would ask what 
others are doing in this area.

Thank you
Bruce Entwistle
Network Manager
University of Redlands

Current thread:

SSL/SSH certifiactes Entwistle, Bruce (May 13)
- <Possible follow-ups>
- Re: SSL/SSH certifiactes Daniel Bennett (May 13)
- Re: SSL/SSH certifiactes Matthew Gracie (May 13)
- Re: SSL/SSH certifiactes Dexter Caldwell (May 13)
- Re: SSL/SSH certifiactes Greg Washburn (May 13)
- Re: SSL/SSH certifiactes John Ladwig (May 13)
- Re: SSL/SSH certifiactes Sam Hooker (May 13)
- Re: SSL/SSH certifiactes Andy Fleming (May 14)